tauri-svelte-typescript-general

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The SKILL.md file contains instructions for the agent to execute the bash command 'cat .claude/context/memory/learnings.md' as part of its 'Memory Protocol' to retrieve stored context and patterns.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its mechanism for reading and writing to a persistent local memory file without adequate safeguards.
      • Ingestion points: The agent reads from .claude/context/memory/learnings.md and processes external .svelte, .ts, and .tsx files.
      • Boundary markers: There are no instructions to use delimiters or to treat the content of the memory file as untrusted data, which could allow instructions embedded in the data to be followed.
      • Capability inventory: The skill provides the agent with file read, write, and edit capabilities, as well as instructions for shell command execution.
      • Sanitization: The skill does not implement any validation or sanitization of the content read from the memory file or the codebase before it is integrated into the agent's active context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 3, 2026, 02:59 AM